Securing the Communication between SAP HANA Studio and SAP HANA Server through SSL

This blog shows you, how to secure the communication between HANA Server and HANA Studio through SSL. It is highly recommended when there are lot of sensitive data handled in the system, which you want to secure from the middle-man attacks. There could be multiple documents available in SCN on this topic, but here I wants to show my experience on setting this up, in short time.

Pre-requisites:

HANA Server is installed and running

HANA studio is installed in the local system

Access to the HANA server

Putty / WinSCP tools

HANA Server and client without SSL configured:

Steps need to be performed in HANA Server:

Login to HANA server system using Putty, as a root user and check if the libssl.so file exists. If not, create a symbolic link to libssl.so.0.9.8.

5. Enter the keystore password and the default password for the Java keystore is “changeit”. Once the password is entered, and the certificate details will be shown. Enter “yes” to trust the certificate

6. Now the Certificate would be added to the keystore

Enable SSL Communication:

Close HANA Studio(if it’s opened already)

Open the HANA Studio and go to Administrator’s perspective, right click and add the HANA system (MK2 in our case)

Enable “Connect using SSL”, in the Connection Properties dialog and click Finish

4. Now hover the added HANA(MK2) system, you will observe a small lock on the system along with SSL indication in the tooltip as shown below

Now the SSL has been configured between HANA Server and HANA Studio and the communication is secured.

For the server side the way to create the server certificate shown here is correct. However, the actual server configuration -as shown here- will work only if you have OpenSSL configured as your crypto provider.